Quick Links

Account Settings

Tableau Secure Software Development

Tableau understands that data is among the most strategic and important assets an organization has. Therefore we have a strong commitment to the security of our products and services.

We often get questions from enterprise customers about how we test the security of our software. In this paper, we will share with you some of the practices and approaches we use internally to identify, test and address potential security vulnerabilities in our products. The goal is to provide an overview of the broader security lifecycle that enables Tableau to deliver secure, high-quality products.

We've also pulled out the first several pages of the whitepaper for you to read. Download the PDF on the right to read the rest.

Tableau Secure Software Development

Tableau understands that data is among the most strategic and important assets an organization has. Therefore we have a strong commitment to the security of our products and services.

We often get questions from enterprise customers about how we test the security of our software. In this paper, we will share with you some of the practices and approaches we use internally to identify, test and address potential security vulnerabilities in our products. The goal is to provide an overview of the broader security lifecycle that enables Tableau to deliver secure, high-quality products.

Security Engineering Practices

Tableau’s engineering team is responsible for ensuring that security is a key component of the entire development process. From design reviews, to test cycles, to bug triage, security issues are closely tracked and monitored. All security issues are thoroughly researched, resolved, and then re-tested to ensure they are properly remediated. Additionally, we require key engineering team members to go through secure code development training. Training is delivered at regular intervals or as needed for new hires. This is done to ensure that coding and testing are done with security in mind.

Tableau Security Review

Tableau has an established process that allows us to be responsive to our customers when security issues or concerns arise. We have a Security Review Team that consists of some of our most senior engineers, architects, operations managers, and test leaders. When potential vulnerabilities are identified, the Security Review team reviews the issue, evaluates the risk and impact and decides on an appropriate course of action. If an immediate fix is warranted, necessary action is taken to deliver a maintenance release and publish remediation steps.

Customer Communication

When necessary, Tableau will use reasonable means to communicate the risk of any security vulnerability and share any preventive measures that may be applicable. Depending on the situation, we may communicate details of the security fixes through one or more mechanisms, including software release notes, announcements, community forum updates, and customer outreach via email. While we continuously test our products and monitor for new threats, there is a small chance that a security issue may still be present. If customers become aware of a potential security vulnerability in any of our products they are encouraged to open a case with the Tableau Customer Support organization so we can review and assess the issue.